Megan Carroll reports: The Spokane Regional Health District is apologizing on Monday after it accidentally disclosed personal health information to a partner agency. According to a press release, SRHD discovered the unauthorized disclosure to Northeast Washington Educational Service District 101 on Tuesday, Sept. 8. Recipients included school administrations and nursing staff. Read more on KREM.
Category: Health Data
Montefiore employee terminated after data breach affected up to 4,000 patient records
Jeff Lagasse reports: On Friday, Montefiore Medical Center alerted patients that a former employee had recently stolen personal information from roughly 4,000 patient records, which led Montefiore to terminate the employee upon learning of the security breach and potential identity theft. Read more on Healthcare Finance. Their story appears to have a typo in it, though: the…
Member of thedarkoverlord sentenced to 60 months and $1.4 million in restitution
The first — and so far, only — person to have been arrested and charged as a member of “thedarkoverlord” pleaded guilty today in federal court in Missouri. Nathan Francis Wyatt, 39, of Wellingborough, Northamptonshire in the U.K. was sentenced by Judge Judge Ronnie L. White to 60 months in prison and almost $1.5 million…
Athens Orthopedic Clinic Pays $1.5 Million to Settle HHS Charges of Systemic Noncompliance with HIPAA Rules
From HHS, a settlement notice involving one of thedarkoverlord’s victims. Athens Orthopedic Clinic is still facing a lawsuit from patients that made it all the way up to the Georgia Supreme Court on the issue of whether they had demonstrated enough harm to survive a motion to dismiss. Note: This blogger is the journalist referenced…
Are covered entities unnecessarily giving fundraisers PHI on patients?
I have no doubt that numerous sites will start generating “lessons learned” or “five takeaways” from the Blackbaud breach — if they haven’t done so already. And perhaps one of the consequences of this mega-breach needs to be a discussion of whether some entities are unnecessarily giving their fundraising arms or business associates too much…
Ca: Regina clinic failed to notify patients of privacy breach, says commissioner
Mark Melnychuk reports: An investigation by Saskatchewan’s privacy commissioner found that a Regina medical clinic did not notify patients when a doctor’s dictation machine containing personal health information went missing a year ago. According to the report filed on Sept. 15, Saskatchewan Information and Privacy Commissioner Ronald J. Kruzeniski wrote that his office was notified…